8 matches found
Gentoo Security Advisory GLSA 201201-01 (phpMyAdmin)
The remote host is missing updates announced in advisory GLSA 201201-01. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Mandriva Update for phpmyadmin MDVSA-2011:124 (phpmyadmin)
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
[SECURITY] [DSA 2286-1] phpmyadmin security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2286-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst July 26, 2011 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2286-1] phpmyadmin security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2286-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst July 26, 2011 http://www.debian.org/security/faq -...
Fedora Update for phpMyAdmin FEDORA-2011-9144
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CVE-2011-2507
libraries/serversynchronize.lib.php in the Synchronize implementation in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 does not properly quote regular expressions, which allows remote authenticated users to inject a PCRE e aka PREGREPLACEEVAL modifier, and consequently execute arbitrary...
CVE-2011-2507
CVE-2011-2507 affects phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1. The vulnerability stems from improper quoting of regular expressions in libraries/server_synchronize.lib.php, allowing a remote authenticated user to inject a PCRE_EVAL modifier via a modified SESSION array and execute...
Regular expression quoting issue in Synchronize code.
PMASA-2011-7 Announcement-ID: PMASA-2011-7 Date: 2011-07-02 Updated: 2011-07-04 Summary Regular expression quoting issue in Synchronize code. Description Through a possible bug in PHP, a null byte can truncate the pattern string allowing an attacker to inject the /e modifier causing the pregrepla...